Small Business Cybersecurity Tips for 2021
While website performance is always a chief concern for small businesses, website security has become extremely important this year as more and more businesses continue to operate online or remotely. And the need for increased cybersecurity will only continue to grow in 2021.
Hristo Pandjarov, WordPress Initiatives Manager at SiteGround, has over 15 years of experience with building website technology, and is an expert in small business security best practices. He will break down actionable tips for creating a more secure site for small businesses of all kinds.
As more companies look to better protect employees and websites in the new year, there are several steps that individuals and businesses should take in order to be more secure, including:
- Keep software up-to-date: Use all the tools provided by your web hosting provider. If using a popular CMS for your website, like WordPress, for example, auto-updates keep the site up-to-date, including all new security patches.
- Create automatic backups: Ensure the site is backed up frequently in case of hacking incidents or simple human error. Most web hosts offer automatic backups for easy restoration.
- Only install trusted themes and plugins: There are millions of third-party plugins andthemes for websites and online stores, both free and paid. Not all of them are high-quality and some of them can actually cause vulnerabilities on a site. Make sure to only install trusted plugins and themes.
- Developing a company-wide device policy: Update all software on employee’s devices regularly, including tablets and phones. Send company-wide updates for all critical vulnerabilities found in popular software products or devices that employees might be using.
- Securing logins: Recent data has shown vulnerabilities in many passwords this year. A staggering 81 percent of security breaches are due to stolen passwords.To maintain safety, set forced password updates and enable two-factor authentication wherever possible. Avoiding common usernames like “admin” or “administrator” and saving passwords only via password vaults, instead of in the browser, are a great place to start.
- Securing website access levels: As companies look to third-party resources for help, create separate accounts which can be later deleted with limited access. And only provide admin access where it’s strictly necessary.
- Not simply relying on VPNs: Be sure to apply both two-factor authentication and authorization to all critical resources, whenever possible.
These recommended actions are a great foundation, those who are looking for extra assurance that their site is secure can consider bringing on a cybersecurity consultant to set the rules and procedures small business owners need to follow to make sure employees and data stay safe.